DETAILED ACTION

1. This action is in response to the amendment filed 12/22/06.

2. Claims 1-4 & 6-43 are pending. 



Claim Rejections - 35 USC § 102 

3. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

4. Claims 1-4 and 7-8 are rejected under 35 U.S.C. 102(b) as being anticipated by 
Hartel, et al., (Hartel), "The operational semantics of a Java Secure Processor", 
1/16/1998. 

As per claim 1, Hartel discloses a method for securely installing an applet on
a computer system having a data storage and a secure processor (p. 1:20-21,
"software (i.e. applets) that has to be (installed and) run on a smart card processor (i.e. 
a secure processor)", and p. 4:35-36, "The JSP (i.e. secure processor) uses a number 
of areas of storage for data, code and bookkeeping"), comprising: 

- receiving an applet in the data storage (p. 4:35-36, "The JSP (i.e. secure 
processor) uses a number of areas of storage for data, code and bookkeeping"), 

- determining from at least a portion of the applet whether the applet is
capable of being executed by the secure processor (p. 2:27-28, "(the applet is) 
digitally signed so that tampering can be detected when code is being loaded (i.e. if it is 
determined from the signature that the applet has been tampered with, the applet is 
deemed incapable of being executed by the secure processor)"), 

- wherein the portion of the applet includes at least one of a security meta- 
data portion, a resource meta-data portion, and a meta-data signature portion (p. 
2:27-28, "(the applet is) digitally signed (i.e. a meta-data signature portion) so that
tampering can be detected when code is being loaded"), 

- installing the applet on the secure processor if the secure processor is 
capable of executing the applet (p. 2:27-28, "(the applet is) digitally signed so that 
tampering can be detected when code is being loaded (i.e. if it is determined from the 
signature that the applet has been tampered with, the applet is deemed incapable of 
being executed by the secure processor; otherwise, the applet is installed on the secure 
processor)"). 

As per claim 2, the rejection of claim 1 is incorporated and further, Hartel 
discloses that the applet is stored in a non-secure storage (p. 4:35-36, "The JSP (i.e. 
secure processor) uses a number of areas of storage for data (i.e. secure and non- 
secure storage), code and bookkeeping"). 

As per claim 3, the rejection of claim 2 is incorporated and further, Hartel
discloses that the applet further comprises a meta-data portion and an executable 
portion (p. 2:27-28, "(the applet is) digitally signed (i.e. a meta-data portion) so that 
tampering can be detected when code is being loaded", and an applet contains an 
executable portion). 

As per claim 4, the rejection of claim 3 is incorporated and further, Hartel 
discloses that the applet further comprises a certificate portion (p. 2:27-28, "(the 
applet is) digitally signed (i.e. a certificate) so that tampering can be detected when 
code is being loaded").

As per claim 7, the rejection of claim 5 is incorporated and further, Hartel 
discloses that the step of determining whether the applet is capable of being 
executed by the secure processor further comprises loading the meta-data 
portion of the applet into a secure storage area in the secure processor (p. 4:35- 
36, "The JSP (i.e. secure processor) uses a number of areas of storage (i.e. secure and 
non-secure) for data, code and bookkeeping"). 

As per claim 8, the rejection of claim 7 is incorporated and further, Hartel 
discloses that the step of determining whether the applet is capable of being 
executed by the secure processor further comprises cryptographically verifying 
the security meta-data portion and the resource meta-data portion of the meta- 
data portion of the applet against the signature portion of the meta-data portion of
the applet (p. 2:21-22 "provide facilities such as ownership control and 
cryptographically protected modes of use"). 

Claim Rejections - 35 USC § 103 

5. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

6. Claims 9-11, 13-21 and 33-36 are rejected under 35 U.S.C. 103(a) as being 
obvious over Hartel, et al., (Hartel), "The operational semantics of a Java Secure 
Processor", 1/16/1998, in view of Shear et al, (Shear), U.S. Patent No. 6,157,721. 

As per claim 9, the rejection of claim 7 is incorporated and further, Hartel doesn't 
explicitly disclose that the step of determining whether the applet is capable of 
being executed by the secure processor further comprises verifying that a secure 
processor security requirement of the security meta-data portion of the applet is 
met or exceeded by a secure processor security rating of the secure processor. 

However, Shear, in an analogous environment, discloses that the step of 
determining whether the applet is capable of being executed by the secure 
processor further comprises verifying that a secure processor security 
requirement of the security meta-data portion of the applet is met or exceeded by
a secure processor security rating of the secure processor (col. 22:27-40, 
"preventing protected processing environments (i.e. secure processor) having different 
security level classifications (i.e. secure processor security rating) from executing the 
same load module (i.e. applet)"). 

Therefore, it would have been obvious to a person of ordinary skill in the art, at 
the time the invention was made, to incorporate the teachings of Shear into the system 
of Hartel to have the step of determining whether the applet is capable of being 
executed by the secure processor further comprise verifying that a secure 
processor security requirement of the security meta-data portion of the applet is 
met or exceeded by a secure processor security rating of the secure processor. 
The modification would have been obvious because one of ordinary skill in the art would 
have wanted to load the appropriate applet for the specified computer system, based on 
all of the requirements of the applet program, so that the applet/system combination will 
execute properly. 

As per claim 10, the rejection of claim 9 is incorporated and further, Hartel 
doesn't explicitly disclose that the step of determining whether the applet is capable of 
being executed by the secure processor further comprises: 

- determining that the secure processor security requirement of the 
security meta-data portion of the applet is not met or exceeded by a secure 
processor security rating of the secure processor. 

- suggesting the use of a second applet that may have a second secure
processor security requirement that is met or exceeded by the secure processor
security rating of the secure processor.

However, Shear, in an analogous environment, discloses that the step of 
determining whether the applet is capable of being executed by the secure processor 
further comprises: 

- determining that the secure processor security requirement of the 
security meta-data portion of the applet is not met or exceeded by a secure 
processor security rating of the secure processor (col. 22:27-40, "preventing 
protected processing environments (i.e. secure processor) having different security level 
classifications (i.e. secure processor security rating) from executing the same load 
module (i.e. applet)"), 

- suggesting the use of a second applet that may have a second secure 
processor security requirement that is met or exceeded by the secure processor 
security rating of the secure processor (col. 22:27-40, "preventing protected 
processing environments (i.e. secure processor) having different security level 
classifications (i.e. secure processor security rating) from executing the same load 
module (i.e. applet)"). 

Therefore, it would have been obvious to a person of ordinary skill in the art, at
the time the invention was made, to incorporate the teachings of Shear into the system 
of Hartel to have the step of determining whether the applet is capable of being 
executed by the secure processor further comprises: 

- determining that the secure processor security requirement of the
security meta-data portion of the applet is not met or exceeded by a secure 
processor security rating of the secure, 

- suggesting the use of a second applet that may have a second secure 
processor security requirement that is met or exceeded by the secure processor 
security rating of the secure processor. 

The modification would have been obvious because one of ordinary skill in the 
art would have wanted to load the appropriate applet for the specified computer system, 
based on all of the requirements of the applet program, so that the applet/system 
combination will execute properly. 

As per claims 11 & 13, the Hartel/Shear system also discloses such claimed 
limitations as addressed in claim 9 & 10, above. 

As per claim 14, the rejection of claim 3 is incorporated and further, Hartel 
discloses: an encrypted executable and an unencrypted signature (p. 2:21-22 
"provide facilities such as ownership control and cryptographically protected modes of 
use"). 

As per claim 15, the rejection of claim 14 is incorporated and further, Hartel 
discloses that the step of installing the applet on the secure processor further 
comprises storing the executable portion of the applet in the secure storage area 
(p. 4:35-36, "The JSP (i.e. secure processor) uses a number of areas of storage (i.e.
secure and unsecured) for data, code and bookkeeping"). 

As per claim 16, the rejection of claim 15 is incorporated and further, Hartel 
discloses that the step of installing the applet on the secure processor further comprises 
requesting a decryption key for the encrypted executable portion of the applet; 
receiving the decryption key; and decrypting the encrypted executable portion 
into an unencrypted executable portion using the decryption key (p. 2:21-22 
"provide facilities such as ownership control and cryptographically protected modes of 
use"). 

As per claim 17, the rejection of claim 16 is incorporated and further, Hartel 
discloses that the step of installing the applet on the secure processor further 
comprises verifying the unencrypted executable portion against the unencrypted 
executable signature (p. 2:21-22 "provide facilities such as ownership control and 
cryptographically protected modes of use"). 

As per claim 18, the rejection of claim 16 is incorporated and further, Hartel 
discloses that the step of installing the applet on the secure processor further 
comprises verifying the executable portion prepended with an applet serial 
number, against the unencrypted executable signature (p. 2:21-22 "provide facilities 
such as ownership control and cryptographically protected modes of use", and p. 5:17- 
18, "gathers the bytecode and the method headers (containing the applet serial number)
for the methods of all application programs (i.e. applets) in the system"). 

As per claim 19, the rejection of claim 17 is incorporated and further, Hartel 
discloses that the step of installing the applet on the secure processor further comprises 
binding the unencrypted executable portion to the secure processor (p. 2:21-22 
"provide facilities such as ownership control and cryptographically protected modes of 
use"). 

As per claim 20, the rejection of claim 17 is incorporated and further, Hartel 
discloses that the step of installing the applet on the secure processor further 
comprises: 

- encrypting the unencrypted executable portion to an encrypted 
executable (p. 2:21-22 "provide facilities such as ownership control and 
cryptographically protected modes of use"), 

- storing the encrypted executable in the non-secure storage (p. 4:3, "an 
(non-secure) area of memory"), 

- storing the encrypted executable's decryption key in the secure storage 
area (p. 2:21-22 "provide facilities such as ownership control and cryptographically 
protected modes of use"). 

As per claim 21, the rejection of claim 1 is incorporated and further, Hartel
discloses that the computer system further comprises a non-secure processor (p.
2:3, "a JVM").

As per claims 33-36, this is a system version of the claimed method discussed 
above, in claims 3-4, wherein all claimed limitations have also been addressed and/or 
cited as set forth above. For example, see the Hartel/Shear system, e.g. Hartel p. 1:20- 
6:40 and Shear col. 5:1-5 and 22:27-40. 

7. Claims 6, 12, 22-32 and 37-43 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Hartel, et al., (Hartel), "The operational semantics of a Java Secure 
Processor", 1/16/1998, in view of Shear et al, (Shear), U.S. Patent No. 6,157,721,
further in view of Moore et al. (Moore), U.S. Patent No. 5,696,975: 

As per claim 6, the rejection of claim 5 is incorporated and further, the 
Hartel/Shear system doesn't explicitly disclose that the resource meta-data portion is 
adapted to designate resources comprising at least one of: a biometric sensor; a 
secure output; a keyboard; a personal identification number entry device; a 
global positioning system input; a magnetic stripe card reader; a secure storage 
area; a performance metrics, an algorithm implementing specific cryptographic 
algorithms; and at least one smart card slot. 

However, Moore, in an analogous environment, discloses that the resource
meta-data portion is adapted to designate resources comprising at least one of: a 
biometric sensor; a secure output (p. 3 col. L30-31, "Secure Sockets Layer (SSL) 
technology"); a keyboard; a personal identification number entry device; a global 
positioning system input; a magnetic stripe card reader; a secure storage area; a 
performance metrics, an algorithm implementing specific cryptographic 
algorithms; and at least one smart card slot (col. 1:29-45, "The steps in launching an
application, i.e., installation, configuration, and execution ... requiring the computer 
system to be configured or reconfigured with the specific requirements of the application 
in mind. For example, some applications require the use of an expanded memory 
manager while others will operate only if no expanded memory is allocated (i.e. memory 
and performance metrics)", and col. 8:5-20, "The initialization file is then scanned 462 
the first time to determine the total memory requirements for the application. If the 
amount required exceeds the amount available 464, an error message is displayed 466 
to the user"). 

Therefore, it would have been obvious to a person of ordinary skill in the art, at 
the time the invention was made, to incorporate the teachings of Moore into the 
Hartel/Shear system in order to have the resources designated comprise at least one
of: a biometric sensor; a secure output; a keyboard; a personal identification
number entry device; a global positioning system input; a magnetic stripe card
reader; a secure storage area; a performance metrics, an algorithm implementing
specific cryptographic algorithms; and at least one smart card slot. The
modification would have been obvious because one of ordinary skill in the art would
have wanted to verify that the appropriate requirements are available on the computer
system in order to load the appropriate applet for the computer system, so that the 
applet/system combination will execute properly. 

As per claim 12, the rejection of claim 7 is incorporated and further, the 
Hartel/Shear system doesn't explicitly disclose that the step of determining whether 
the applet is capable of being executed by the secure processor further 
comprises verifying that the secure processor is capable of supplying resources 
designated in the resource meta-data portion of the meta-data portion of the 
applet.

However, Moore, in an analogous environment, discloses that the step of 
determining whether the applet is capable of being executed by the secure 
processor further comprises verifying that the secure processor is capable of 
supplying resources designated in the resource meta-data portion of the meta- 
data portion of the applet (col. 1:29-45, "The steps in launching an application, i.e., 
installation, configuration, and execution ... requiring the computer system to be 
configured or reconfigured with the specific requirements of the application in mind. For 
example, some applications require the use of an expanded memory manager while 
others will operate only if no expanded memory is allocated (i.e. resources)", and col. 
8:5-20, "The initialization file is then scanned 462 the first time to determine the total 
memory requirements for the application. If the amount required exceeds the amount
available 464, an error message is displayed 466 to the user"). 

Therefore, it would have been obvious to a person of ordinary skill in the art, at 
the time the invention was made, to incorporate the teachings of Moore into the 
Hartel/Shear system to have the step of determining whether the applet is capable 
of being executed by the secure processor further comprises verifying that the 
secure processor is capable of supplying resources designated in the resource 
meta-data portion of the meta-data portion of the applet. The modification would 
have been obvious because one of ordinary skill in the art would have wanted to load 
the appropriate applet for the specified computer system, based on all of the 
requirements of the applet program, so that the applet/system combination will execute 
properly. 

As per claims 22-29, this is another method version of the claimed method 
discussed above, in claims 1, 2, 8-16 and 20, wherein all claimed limitations have also
been addressed and/or cited as set forth above. For example, see the 
Hartel/Shear/Moore system, (Hartel p. 1:20-6:40, Shear col. 5:1-5 and 22:27-40 and 
Moore col. 1:29-8:20). 

As per claims 30-32, this is another method version of the claimed method 
discussed above, in claims 1, 8, 10-16, 20 and 24, wherein all claimed limitations have 
also been addressed and/or cited as set forth above. For example, see the 
Hartel/Shear/Moore system, (Hartel p. 1:20-6:40, Shear col. 5:1-5 and 22:27-40 and
Moore col. 1:29-8:20). 

As per claims 37-40, this is a system version of the claimed method discussed 
above, in claims 1, 2, 8-16, 20, 22 and 24, wherein all claimed limitations have also 
been addressed and/or cited as set forth above. For example, see the 
Hartel/Shear/Moore system, (Hartel p. 1:20-6:40, Shear col. 5:1-5 and 22:27-40 and 
Moore col. 1:29-8:20). 

As per claim 41, the rejection of claim 38 is incorporated and further, Hartel 
discloses that the resource meta-data portion comprises an applet serial number
(p. 5:17-18, "gathers the bytecode and the method headers (containing the applet serial
number) for the methods of all application programs (i.e. applets) in the system"). 

As per claims 42 and 43, this is a product version of the claimed method 
discussed above, in claim 8, wherein all claimed limitations have also been addressed 
and/or cited as set forth above. For example, see the Hartel/Shear/Moore system 
(Hartel p. 1:20-6:40, Shear col. 5:1-5 and 22:27-40 and Moore col. 1:29-8:20). 



8. 



Response to Arguments 

Applicant's arguments have been considered but they are not persuasive.

In the remarks, the applicant has argued substantially that:

1) Neither Hartel, alone or in combination with Shear or Moore disclose determining 
whether an applet is capable of being executed by a secure processor, nor installing the 
applet if it is in fact capable, at p. 13:17-19, 15:10-20 and 16:3-12. 

Examiner's response: 

1) The examiner disagrees with applicant's characterization of the applied art. The 
Hartel/Shear/Moore combination does disclose determining whether an applet is 
capable of being executed by a secure processor, and installing the applet if it is in fact 
capable, at Hartel, p. 2:27-28, "(the applet is) digitally signed so that tampering can be 
detected when code is being loaded", and if it is determined from the signature that the 
applet has been tampered with, the applet is deemed incapable of being executed by 
the secure processor. Clearly, an applet that has been tampered with or modified in an 
unknown way is not capable of performing its intended function.

In the remarks, the applicant has argued substantially that: 

2) The Hartel/Shear/Moore combination does not disclose creating a list of 
alternative applets based at least in part on a first indicator that identifies a security 
rating and a second indicator that identifies at least one resource of the computer, at p. 
16:27-17:1. 



Examiner's response: 

2) The examiner disagrees with applicant's characterization of the applied art. The
Hartel/Shear/Moore combination does disclose creating a list of alternative applets 
based at least in part on a first indicator that identifies a security rating and a second 
indicator that identifies at least one resource of the computer, at Shear, col. 22:27-40, 
"preventing protected processing environments (i.e. secure processor) having different 
security level classifications (i.e. secure processor security rating) from executing the 
same load module (i.e. applet)," emphasis added. This section of Shear clearly 
discloses a list of alternative applets, called load modules, in addition to matching an 
applet to an appropriate processor based on a security rating and processor (i.e. 
resource) characteristics. 

In the remarks, the applicant has argued substantially that: 

3) At p. 17:5-16, the Hartel/Shear/Moore combination does not disclose a secure 
applet comprising: 

- a meta-data portion, said meta-data portion including a security meta-data 
portion; a resource meta-data portion; and a meta-data signature portion; 

- an executable portion, said encrypted executable portion including an encrypted 
executable portion; an unencrypted executable signature portion; and 

a certificate portion. 

Examiner's response: 

3) The examiner disagrees with applicant's characterization of the applied art. The
Hartel/Shear/Moore combination does disclose a secure applet comprising:

- a meta-data portion, said meta-data portion including a security meta-data
portion; a resource meta-data portion; and a meta-data signature portion; (See Hartel p. 
2:27-28, "(the applet is) digitally signed (i.e. a meta-data signature portion) so that 
tampering can be detected when code is being loaded" emphasis added, as addressed 
in claim 1, and Shear, col. 22:27-40, "preventing protected processing environments 
(i.e. secure processor) having different security level classifications (i.e. secure 
processor security rating) from executing the same load module (i.e. applet)" emphasis 
added, as addressed in claim 9) 

- an executable portion, said encrypted executable portion including an encrypted
executable portion; an unencrypted executable signature portion; and
a certificate portion (See Hartel, p. 2:21-22, "provides facilities such as ownership
control and cryptographically protected modes of use", as addressed in claim 14, and
Hartel p. 2:27-28, "(the applet is) digitally signed (i.e. a meta-data signature portion) so 
that tampering can be detected when code is being loaded" emphasis added, as 
addressed in claim 1). 

Conclusion 

9. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not
mailed until after the end of the THREE-MONTH shortened statutory period, then the
shortened statutory period will expire on the date the advisory action is mailed, and any
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Andre R. Fowlkes whose telephone number is (571) 
272-3697. The examiner can normally be reached on Monday - Friday, 8:00am- 
4:30pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Tuan Q. Dam can be reached on (571)272-3695. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 




